1 /* 2 * TCP over IPv6 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * $Id: tcp_ipv6.c,v 1.144 2002/02/01 22:01:04 davem Exp $ 9 * 10 * Based on: 11 * linux/net/ipv4/tcp.c 12 * linux/net/ipv4/tcp_input.c 13 * linux/net/ipv4/tcp_output.c 14 * 15 * Fixes: 16 * Hideaki YOSHIFUJI : sin6_scope_id support 17 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which 18 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind 19 * a single port at the same time. 20 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file. 21 * 22 * This program is free software; you can redistribute it and/or 23 * modify it under the terms of the GNU General Public License 24 * as published by the Free Software Foundation; either version 25 * 2 of the License, or (at your option) any later version. 26 */ 27 28 #include <linux/module.h> 29 #include <linux/config.h> 30 #include <linux/errno.h> 31 #include <linux/types.h> 32 #include <linux/socket.h> 33 #include <linux/sockios.h> 34 #include <linux/net.h> 35 #include <linux/jiffies.h> 36 #include <linux/in.h> 37 #include <linux/in6.h> 38 #include <linux/netdevice.h> 39 #include <linux/init.h> 40 #include <linux/jhash.h> 41 #include <linux/ipsec.h> 42 #include <linux/times.h> 43 44 #include <linux/ipv6.h> 45 #include <linux/icmpv6.h> 46 #include <linux/random.h> 47 48 #include <net/tcp.h> 49 #include <net/ndisc.h> 50 #include <net/inet6_hashtables.h> 51 #include <net/inet6_connection_sock.h> 52 #include <net/ipv6.h> 53 #include <net/transp_v6.h> 54 #include <net/addrconf.h> 55 #include <net/ip6_route.h> 56 #include <net/ip6_checksum.h> 57 #include <net/inet_ecn.h> 58 #include <net/protocol.h> 59 #include <net/xfrm.h> 60 #include <net/addrconf.h> 61 #include <net/snmp.h> 62 #include <net/dsfield.h> 63 #include <net/timewait_sock.h> 64 65 #include <asm/uaccess.h> 66 67 #include <linux/proc_fs.h> 68 #include <linux/seq_file.h> 69 70 /* Socket used for sending RSTs and ACKs */ 71 static struct socket *tcp6_socket; 72 73 static void tcp_v6_send_reset(struct sk_buff *skb); 74 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req); 75 static void tcp_v6_send_check(struct sock *sk, int len, 76 struct sk_buff *skb); 77 78 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb); 79 80 static struct inet_connection_sock_af_ops ipv6_mapped; 81 static struct inet_connection_sock_af_ops ipv6_specific; 82 83 static int tcp_v6_get_port(struct sock *sk, unsigned short snum) 84 { 85 return inet_csk_get_port(&tcp_hashinfo, sk, snum, 86 inet6_csk_bind_conflict); 87 } 88 89 static void tcp_v6_hash(struct sock *sk) 90 { 91 if (sk->sk_state != TCP_CLOSE) { 92 if (inet_csk(sk)->icsk_af_ops == &ipv6_mapped) { 93 tcp_prot.hash(sk); 94 return; 95 } 96 local_bh_disable(); 97 __inet6_hash(&tcp_hashinfo, sk); 98 local_bh_enable(); 99 } 100 } 101 102 static __inline__ u16 tcp_v6_check(struct tcphdr *th, int len, 103 struct in6_addr *saddr, 104 struct in6_addr *daddr, 105 unsigned long base) 106 { 107 return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base); 108 } 109 110 static __u32 tcp_v6_init_sequence(struct sock *sk, struct sk_buff *skb) 111 { 112 if (skb->protocol == htons(ETH_P_IPV6)) { 113 return secure_tcpv6_sequence_number(skb->nh.ipv6h->daddr.s6_addr32, 114 skb->nh.ipv6h->saddr.s6_addr32, 115 skb->h.th->dest, 116 skb->h.th->source); 117 } else { 118 return secure_tcp_sequence_number(skb->nh.iph->daddr, 119 skb->nh.iph->saddr, 120 skb->h.th->dest, 121 skb->h.th->source); 122 } 123 } 124 125 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr, 126 int addr_len) 127 { 128 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr; 129 struct inet_sock *inet = inet_sk(sk); 130 struct inet_connection_sock *icsk = inet_csk(sk); 131 struct ipv6_pinfo *np = inet6_sk(sk); 132 struct tcp_sock *tp = tcp_sk(sk); 133 struct in6_addr *saddr = NULL, *final_p = NULL, final; 134 struct flowi fl; 135 struct dst_entry *dst; 136 int addr_type; 137 int err; 138 139 if (addr_len < SIN6_LEN_RFC2133) 140 return -EINVAL; 141 142 if (usin->sin6_family != AF_INET6) 143 return(-EAFNOSUPPORT); 144 145 memset(&fl, 0, sizeof(fl)); 146 147 if (np->sndflow) { 148 fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK; 149 IP6_ECN_flow_init(fl.fl6_flowlabel); 150 if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) { 151 struct ip6_flowlabel *flowlabel; 152 flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel); 153 if (flowlabel == NULL) 154 return -EINVAL; 155 ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst); 156 fl6_sock_release(flowlabel); 157 } 158 } 159 160 /* 161 * connect() to INADDR_ANY means loopback (BSD'ism). 162 */ 163 164 if(ipv6_addr_any(&usin->sin6_addr)) 165 usin->sin6_addr.s6_addr[15] = 0x1; 166 167 addr_type = ipv6_addr_type(&usin->sin6_addr); 168 169 if(addr_type & IPV6_ADDR_MULTICAST) 170 return -ENETUNREACH; 171 172 if (addr_type&IPV6_ADDR_LINKLOCAL) { 173 if (addr_len >= sizeof(struct sockaddr_in6) && 174 usin->sin6_scope_id) { 175 /* If interface is set while binding, indices 176 * must coincide. 177 */ 178 if (sk->sk_bound_dev_if && 179 sk->sk_bound_dev_if != usin->sin6_scope_id) 180 return -EINVAL; 181 182 sk->sk_bound_dev_if = usin->sin6_scope_id; 183 } 184 185 /* Connect to link-local address requires an interface */ 186 if (!sk->sk_bound_dev_if) 187 return -EINVAL; 188 } 189 190 if (tp->rx_opt.ts_recent_stamp && 191 !ipv6_addr_equal(&np->daddr, &usin->sin6_addr)) { 192 tp->rx_opt.ts_recent = 0; 193 tp->rx_opt.ts_recent_stamp = 0; 194 tp->write_seq = 0; 195 } 196 197 ipv6_addr_copy(&np->daddr, &usin->sin6_addr); 198 np->flow_label = fl.fl6_flowlabel; 199 200 /* 201 * TCP over IPv4 202 */ 203 204 if (addr_type == IPV6_ADDR_MAPPED) { 205 u32 exthdrlen = icsk->icsk_ext_hdr_len; 206 struct sockaddr_in sin; 207 208 SOCK_DEBUG(sk, "connect: ipv4 mapped\n"); 209 210 if (__ipv6_only_sock(sk)) 211 return -ENETUNREACH; 212 213 sin.sin_family = AF_INET; 214 sin.sin_port = usin->sin6_port; 215 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3]; 216 217 icsk->icsk_af_ops = &ipv6_mapped; 218 sk->sk_backlog_rcv = tcp_v4_do_rcv; 219 220 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin)); 221 222 if (err) { 223 icsk->icsk_ext_hdr_len = exthdrlen; 224 icsk->icsk_af_ops = &ipv6_specific; 225 sk->sk_backlog_rcv = tcp_v6_do_rcv; 226 goto failure; 227 } else { 228 ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF), 229 inet->saddr); 230 ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF), 231 inet->rcv_saddr); 232 } 233 234 return err; 235 } 236 237 if (!ipv6_addr_any(&np->rcv_saddr)) 238 saddr = &np->rcv_saddr; 239 240 fl.proto = IPPROTO_TCP; 241 ipv6_addr_copy(&fl.fl6_dst, &np->daddr); 242 ipv6_addr_copy(&fl.fl6_src, 243 (saddr ? saddr : &np->saddr)); 244 fl.oif = sk->sk_bound_dev_if; 245 fl.fl_ip_dport = usin->sin6_port; 246 fl.fl_ip_sport = inet->sport; 247 248 if (np->opt && np->opt->srcrt) { 249 struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt; 250 ipv6_addr_copy(&final, &fl.fl6_dst); 251 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 252 final_p = &final; 253 } 254 255 err = ip6_dst_lookup(sk, &dst, &fl); 256 if (err) 257 goto failure; 258 if (final_p) 259 ipv6_addr_copy(&fl.fl6_dst, final_p); 260 261 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) 262 goto failure; 263 264 if (saddr == NULL) { 265 saddr = &fl.fl6_src; 266 ipv6_addr_copy(&np->rcv_saddr, saddr); 267 } 268 269 /* set the source address */ 270 ipv6_addr_copy(&np->saddr, saddr); 271 inet->rcv_saddr = LOOPBACK4_IPV6; 272 273 ip6_dst_store(sk, dst, NULL); 274 sk->sk_route_caps = dst->dev->features & 275 ~(NETIF_F_IP_CSUM | NETIF_F_TSO); 276 277 icsk->icsk_ext_hdr_len = 0; 278 if (np->opt) 279 icsk->icsk_ext_hdr_len = (np->opt->opt_flen + 280 np->opt->opt_nflen); 281 282 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr); 283 284 inet->dport = usin->sin6_port; 285 286 tcp_set_state(sk, TCP_SYN_SENT); 287 err = inet6_hash_connect(&tcp_death_row, sk); 288 if (err) 289 goto late_failure; 290 291 if (!tp->write_seq) 292 tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32, 293 np->daddr.s6_addr32, 294 inet->sport, 295 inet->dport); 296 297 err = tcp_connect(sk); 298 if (err) 299 goto late_failure; 300 301 return 0; 302 303 late_failure: 304 tcp_set_state(sk, TCP_CLOSE); 305 __sk_dst_reset(sk); 306 failure: 307 inet->dport = 0; 308 sk->sk_route_caps = 0; 309 return err; 310 } 311 312 static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, 313 int type, int code, int offset, __u32 info) 314 { 315 struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data; 316 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset); 317 struct ipv6_pinfo *np; 318 struct sock *sk; 319 int err; 320 struct tcp_sock *tp; 321 __u32 seq; 322 323 sk = inet6_lookup(&tcp_hashinfo, &hdr->daddr, th->dest, &hdr->saddr, 324 th->source, skb->dev->ifindex); 325 326 if (sk == NULL) { 327 ICMP6_INC_STATS_BH(__in6_dev_get(skb->dev), ICMP6_MIB_INERRORS); 328 return; 329 } 330 331 if (sk->sk_state == TCP_TIME_WAIT) { 332 inet_twsk_put((struct inet_timewait_sock *)sk); 333 return; 334 } 335 336 bh_lock_sock(sk); 337 if (sock_owned_by_user(sk)) 338 NET_INC_STATS_BH(LINUX_MIB_LOCKDROPPEDICMPS); 339 340 if (sk->sk_state == TCP_CLOSE) 341 goto out; 342 343 tp = tcp_sk(sk); 344 seq = ntohl(th->seq); 345 if (sk->sk_state != TCP_LISTEN && 346 !between(seq, tp->snd_una, tp->snd_nxt)) { 347 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS); 348 goto out; 349 } 350 351 np = inet6_sk(sk); 352 353 if (type == ICMPV6_PKT_TOOBIG) { 354 struct dst_entry *dst = NULL; 355 356 if (sock_owned_by_user(sk)) 357 goto out; 358 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE)) 359 goto out; 360 361 /* icmp should have updated the destination cache entry */ 362 dst = __sk_dst_check(sk, np->dst_cookie); 363 364 if (dst == NULL) { 365 struct inet_sock *inet = inet_sk(sk); 366 struct flowi fl; 367 368 /* BUGGG_FUTURE: Again, it is not clear how 369 to handle rthdr case. Ignore this complexity 370 for now. 371 */ 372 memset(&fl, 0, sizeof(fl)); 373 fl.proto = IPPROTO_TCP; 374 ipv6_addr_copy(&fl.fl6_dst, &np->daddr); 375 ipv6_addr_copy(&fl.fl6_src, &np->saddr); 376 fl.oif = sk->sk_bound_dev_if; 377 fl.fl_ip_dport = inet->dport; 378 fl.fl_ip_sport = inet->sport; 379 380 if ((err = ip6_dst_lookup(sk, &dst, &fl))) { 381 sk->sk_err_soft = -err; 382 goto out; 383 } 384 385 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) { 386 sk->sk_err_soft = -err; 387 goto out; 388 } 389 390 } else 391 dst_hold(dst); 392 393 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) { 394 tcp_sync_mss(sk, dst_mtu(dst)); 395 tcp_simple_retransmit(sk); 396 } /* else let the usual retransmit timer handle it */ 397 dst_release(dst); 398 goto out; 399 } 400 401 icmpv6_err_convert(type, code, &err); 402 403 /* Might be for an request_sock */ 404 switch (sk->sk_state) { 405 struct request_sock *req, **prev; 406 case TCP_LISTEN: 407 if (sock_owned_by_user(sk)) 408 goto out; 409 410 req = inet6_csk_search_req(sk, &prev, th->dest, &hdr->daddr, 411 &hdr->saddr, inet6_iif(skb)); 412 if (!req) 413 goto out; 414 415 /* ICMPs are not backlogged, hence we cannot get 416 * an established socket here. 417 */ 418 BUG_TRAP(req->sk == NULL); 419 420 if (seq != tcp_rsk(req)->snt_isn) { 421 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS); 422 goto out; 423 } 424 425 inet_csk_reqsk_queue_drop(sk, req, prev); 426 goto out; 427 428 case TCP_SYN_SENT: 429 case TCP_SYN_RECV: /* Cannot happen. 430 It can, it SYNs are crossed. --ANK */ 431 if (!sock_owned_by_user(sk)) { 432 TCP_INC_STATS_BH(TCP_MIB_ATTEMPTFAILS); 433 sk->sk_err = err; 434 sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */ 435 436 tcp_done(sk); 437 } else 438 sk->sk_err_soft = err; 439 goto out; 440 } 441 442 if (!sock_owned_by_user(sk) && np->recverr) { 443 sk->sk_err = err; 444 sk->sk_error_report(sk); 445 } else 446 sk->sk_err_soft = err; 447 448 out: 449 bh_unlock_sock(sk); 450 sock_put(sk); 451 } 452 453 454 static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req, 455 struct dst_entry *dst) 456 { 457 struct inet6_request_sock *treq = inet6_rsk(req); 458 struct ipv6_pinfo *np = inet6_sk(sk); 459 struct sk_buff * skb; 460 struct ipv6_txoptions *opt = NULL; 461 struct in6_addr * final_p = NULL, final; 462 struct flowi fl; 463 int err = -1; 464 465 memset(&fl, 0, sizeof(fl)); 466 fl.proto = IPPROTO_TCP; 467 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr); 468 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr); 469 fl.fl6_flowlabel = 0; 470 fl.oif = treq->iif; 471 fl.fl_ip_dport = inet_rsk(req)->rmt_port; 472 fl.fl_ip_sport = inet_sk(sk)->sport; 473 474 if (dst == NULL) { 475 opt = np->opt; 476 if (opt == NULL && 477 np->rxopt.bits.osrcrt == 2 && 478 treq->pktopts) { 479 struct sk_buff *pktopts = treq->pktopts; 480 struct inet6_skb_parm *rxopt = IP6CB(pktopts); 481 if (rxopt->srcrt) 482 opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr*)(pktopts->nh.raw + rxopt->srcrt)); 483 } 484 485 if (opt && opt->srcrt) { 486 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt; 487 ipv6_addr_copy(&final, &fl.fl6_dst); 488 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 489 final_p = &final; 490 } 491 492 err = ip6_dst_lookup(sk, &dst, &fl); 493 if (err) 494 goto done; 495 if (final_p) 496 ipv6_addr_copy(&fl.fl6_dst, final_p); 497 if ((err = xfrm_lookup(&dst, &fl, sk, 0)) < 0) 498 goto done; 499 } 500 501 skb = tcp_make_synack(sk, dst, req); 502 if (skb) { 503 struct tcphdr *th = skb->h.th; 504 505 th->check = tcp_v6_check(th, skb->len, 506 &treq->loc_addr, &treq->rmt_addr, 507 csum_partial((char *)th, skb->len, skb->csum)); 508 509 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr); 510 err = ip6_xmit(sk, skb, &fl, opt, 0); 511 if (err == NET_XMIT_CN) 512 err = 0; 513 } 514 515 done: 516 if (opt && opt != np->opt) 517 sock_kfree_s(sk, opt, opt->tot_len); 518 dst_release(dst); 519 return err; 520 } 521 522 static void tcp_v6_reqsk_destructor(struct request_sock *req) 523 { 524 if (inet6_rsk(req)->pktopts) 525 kfree_skb(inet6_rsk(req)->pktopts); 526 } 527 528 static struct request_sock_ops tcp6_request_sock_ops = { 529 .family = AF_INET6, 530 .obj_size = sizeof(struct tcp6_request_sock), 531 .rtx_syn_ack = tcp_v6_send_synack, 532 .send_ack = tcp_v6_reqsk_send_ack, 533 .destructor = tcp_v6_reqsk_destructor, 534 .send_reset = tcp_v6_send_reset 535 }; 536 537 static struct timewait_sock_ops tcp6_timewait_sock_ops = { 538 .twsk_obj_size = sizeof(struct tcp6_timewait_sock), 539 .twsk_unique = tcp_twsk_unique, 540 }; 541 542 static void tcp_v6_send_check(struct sock *sk, int len, struct sk_buff *skb) 543 { 544 struct ipv6_pinfo *np = inet6_sk(sk); 545 struct tcphdr *th = skb->h.th; 546 547 if (skb->ip_summed == CHECKSUM_HW) { 548 th->check = ~csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0); 549 skb->csum = offsetof(struct tcphdr, check); 550 } else { 551 th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 552 csum_partial((char *)th, th->doff<<2, 553 skb->csum)); 554 } 555 } 556 557 558 static void tcp_v6_send_reset(struct sk_buff *skb) 559 { 560 struct tcphdr *th = skb->h.th, *t1; 561 struct sk_buff *buff; 562 struct flowi fl; 563 564 if (th->rst) 565 return; 566 567 if (!ipv6_unicast_destination(skb)) 568 return; 569 570 /* 571 * We need to grab some memory, and put together an RST, 572 * and then put it into the queue to be sent. 573 */ 574 575 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + sizeof(struct tcphdr), 576 GFP_ATOMIC); 577 if (buff == NULL) 578 return; 579 580 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + sizeof(struct tcphdr)); 581 582 t1 = (struct tcphdr *) skb_push(buff,sizeof(struct tcphdr)); 583 584 /* Swap the send and the receive. */ 585 memset(t1, 0, sizeof(*t1)); 586 t1->dest = th->source; 587 t1->source = th->dest; 588 t1->doff = sizeof(*t1)/4; 589 t1->rst = 1; 590 591 if(th->ack) { 592 t1->seq = th->ack_seq; 593 } else { 594 t1->ack = 1; 595 t1->ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin 596 + skb->len - (th->doff<<2)); 597 } 598 599 buff->csum = csum_partial((char *)t1, sizeof(*t1), 0); 600 601 memset(&fl, 0, sizeof(fl)); 602 ipv6_addr_copy(&fl.fl6_dst, &skb->nh.ipv6h->saddr); 603 ipv6_addr_copy(&fl.fl6_src, &skb->nh.ipv6h->daddr); 604 605 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst, 606 sizeof(*t1), IPPROTO_TCP, 607 buff->csum); 608 609 fl.proto = IPPROTO_TCP; 610 fl.oif = inet6_iif(skb); 611 fl.fl_ip_dport = t1->dest; 612 fl.fl_ip_sport = t1->source; 613 614 /* sk = NULL, but it is safe for now. RST socket required. */ 615 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) { 616 617 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) { 618 ip6_xmit(tcp6_socket->sk, buff, &fl, NULL, 0); 619 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS); 620 TCP_INC_STATS_BH(TCP_MIB_OUTRSTS); 621 return; 622 } 623 } 624 625 kfree_skb(buff); 626 } 627 628 static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts) 629 { 630 struct tcphdr *th = skb->h.th, *t1; 631 struct sk_buff *buff; 632 struct flowi fl; 633 int tot_len = sizeof(struct tcphdr); 634 635 if (ts) 636 tot_len += 3*4; 637 638 buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len, 639 GFP_ATOMIC); 640 if (buff == NULL) 641 return; 642 643 skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len); 644 645 t1 = (struct tcphdr *) skb_push(buff,tot_len); 646 647 /* Swap the send and the receive. */ 648 memset(t1, 0, sizeof(*t1)); 649 t1->dest = th->source; 650 t1->source = th->dest; 651 t1->doff = tot_len/4; 652 t1->seq = htonl(seq); 653 t1->ack_seq = htonl(ack); 654 t1->ack = 1; 655 t1->window = htons(win); 656 657 if (ts) { 658 u32 *ptr = (u32*)(t1 + 1); 659 *ptr++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) | 660 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP); 661 *ptr++ = htonl(tcp_time_stamp); 662 *ptr = htonl(ts); 663 } 664 665 buff->csum = csum_partial((char *)t1, tot_len, 0); 666 667 memset(&fl, 0, sizeof(fl)); 668 ipv6_addr_copy(&fl.fl6_dst, &skb->nh.ipv6h->saddr); 669 ipv6_addr_copy(&fl.fl6_src, &skb->nh.ipv6h->daddr); 670 671 t1->check = csum_ipv6_magic(&fl.fl6_src, &fl.fl6_dst, 672 tot_len, IPPROTO_TCP, 673 buff->csum); 674 675 fl.proto = IPPROTO_TCP; 676 fl.oif = inet6_iif(skb); 677 fl.fl_ip_dport = t1->dest; 678 fl.fl_ip_sport = t1->source; 679 680 if (!ip6_dst_lookup(NULL, &buff->dst, &fl)) { 681 if (xfrm_lookup(&buff->dst, &fl, NULL, 0) >= 0) { 682 ip6_xmit(tcp6_socket->sk, buff, &fl, NULL, 0); 683 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS); 684 return; 685 } 686 } 687 688 kfree_skb(buff); 689 } 690 691 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb) 692 { 693 struct inet_timewait_sock *tw = inet_twsk(sk); 694 const struct tcp_timewait_sock *tcptw = tcp_twsk(sk); 695 696 tcp_v6_send_ack(skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt, 697 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale, 698 tcptw->tw_ts_recent); 699 700 inet_twsk_put(tw); 701 } 702 703 static void tcp_v6_reqsk_send_ack(struct sk_buff *skb, struct request_sock *req) 704 { 705 tcp_v6_send_ack(skb, tcp_rsk(req)->snt_isn + 1, tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd, req->ts_recent); 706 } 707 708 709 static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb) 710 { 711 struct request_sock *req, **prev; 712 const struct tcphdr *th = skb->h.th; 713 struct sock *nsk; 714 715 /* Find possible connection requests. */ 716 req = inet6_csk_search_req(sk, &prev, th->source, 717 &skb->nh.ipv6h->saddr, 718 &skb->nh.ipv6h->daddr, inet6_iif(skb)); 719 if (req) 720 return tcp_check_req(sk, skb, req, prev); 721 722 nsk = __inet6_lookup_established(&tcp_hashinfo, &skb->nh.ipv6h->saddr, 723 th->source, &skb->nh.ipv6h->daddr, 724 ntohs(th->dest), inet6_iif(skb)); 725 726 if (nsk) { 727 if (nsk->sk_state != TCP_TIME_WAIT) { 728 bh_lock_sock(nsk); 729 return nsk; 730 } 731 inet_twsk_put((struct inet_timewait_sock *)nsk); 732 return NULL; 733 } 734 735 #if 0 /*def CONFIG_SYN_COOKIES*/ 736 if (!th->rst && !th->syn && th->ack) 737 sk = cookie_v6_check(sk, skb, &(IPCB(skb)->opt)); 738 #endif 739 return sk; 740 } 741 742 /* FIXME: this is substantially similar to the ipv4 code. 743 * Can some kind of merge be done? -- erics 744 */ 745 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb) 746 { 747 struct inet6_request_sock *treq; 748 struct ipv6_pinfo *np = inet6_sk(sk); 749 struct tcp_options_received tmp_opt; 750 struct tcp_sock *tp = tcp_sk(sk); 751 struct request_sock *req = NULL; 752 __u32 isn = TCP_SKB_CB(skb)->when; 753 754 if (skb->protocol == htons(ETH_P_IP)) 755 return tcp_v4_conn_request(sk, skb); 756 757 if (!ipv6_unicast_destination(skb)) 758 goto drop; 759 760 /* 761 * There are no SYN attacks on IPv6, yet... 762 */ 763 if (inet_csk_reqsk_queue_is_full(sk) && !isn) { 764 if (net_ratelimit()) 765 printk(KERN_INFO "TCPv6: dropping request, synflood is possible\n"); 766 goto drop; 767 } 768 769 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1) 770 goto drop; 771 772 req = inet6_reqsk_alloc(&tcp6_request_sock_ops); 773 if (req == NULL) 774 goto drop; 775 776 tcp_clear_options(&tmp_opt); 777 tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr); 778 tmp_opt.user_mss = tp->rx_opt.user_mss; 779 780 tcp_parse_options(skb, &tmp_opt, 0); 781 782 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp; 783 tcp_openreq_init(req, &tmp_opt, skb); 784 785 treq = inet6_rsk(req); 786 ipv6_addr_copy(&treq->rmt_addr, &skb->nh.ipv6h->saddr); 787 ipv6_addr_copy(&treq->loc_addr, &skb->nh.ipv6h->daddr); 788 TCP_ECN_create_request(req, skb->h.th); 789 treq->pktopts = NULL; 790 if (ipv6_opt_accepted(sk, skb) || 791 np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo || 792 np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) { 793 atomic_inc(&skb->users); 794 treq->pktopts = skb; 795 } 796 treq->iif = sk->sk_bound_dev_if; 797 798 /* So that link locals have meaning */ 799 if (!sk->sk_bound_dev_if && 800 ipv6_addr_type(&treq->rmt_addr) & IPV6_ADDR_LINKLOCAL) 801 treq->iif = inet6_iif(skb); 802 803 if (isn == 0) 804 isn = tcp_v6_init_sequence(sk,skb); 805 806 tcp_rsk(req)->snt_isn = isn; 807 808 if (tcp_v6_send_synack(sk, req, NULL)) 809 goto drop; 810 811 inet6_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT); 812 return 0; 813 814 drop: 815 if (req) 816 reqsk_free(req); 817 818 TCP_INC_STATS_BH(TCP_MIB_ATTEMPTFAILS); 819 return 0; /* don't send reset */ 820 } 821 822 static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb, 823 struct request_sock *req, 824 struct dst_entry *dst) 825 { 826 struct inet6_request_sock *treq = inet6_rsk(req); 827 struct ipv6_pinfo *newnp, *np = inet6_sk(sk); 828 struct tcp6_sock *newtcp6sk; 829 struct inet_sock *newinet; 830 struct tcp_sock *newtp; 831 struct sock *newsk; 832 struct ipv6_txoptions *opt; 833 834 if (skb->protocol == htons(ETH_P_IP)) { 835 /* 836 * v6 mapped 837 */ 838 839 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst); 840 841 if (newsk == NULL) 842 return NULL; 843 844 newtcp6sk = (struct tcp6_sock *)newsk; 845 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6; 846 847 newinet = inet_sk(newsk); 848 newnp = inet6_sk(newsk); 849 newtp = tcp_sk(newsk); 850 851 memcpy(newnp, np, sizeof(struct ipv6_pinfo)); 852 853 ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF), 854 newinet->daddr); 855 856 ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF), 857 newinet->saddr); 858 859 ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr); 860 861 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped; 862 newsk->sk_backlog_rcv = tcp_v4_do_rcv; 863 newnp->pktoptions = NULL; 864 newnp->opt = NULL; 865 newnp->mcast_oif = inet6_iif(skb); 866 newnp->mcast_hops = skb->nh.ipv6h->hop_limit; 867 868 /* 869 * No need to charge this sock to the relevant IPv6 refcnt debug socks count 870 * here, tcp_create_openreq_child now does this for us, see the comment in 871 * that function for the gory details. -acme 872 */ 873 874 /* It is tricky place. Until this moment IPv4 tcp 875 worked with IPv6 icsk.icsk_af_ops. 876 Sync it now. 877 */ 878 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie); 879 880 return newsk; 881 } 882 883 opt = np->opt; 884 885 if (sk_acceptq_is_full(sk)) 886 goto out_overflow; 887 888 if (np->rxopt.bits.osrcrt == 2 && 889 opt == NULL && treq->pktopts) { 890 struct inet6_skb_parm *rxopt = IP6CB(treq->pktopts); 891 if (rxopt->srcrt) 892 opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr *)(treq->pktopts->nh.raw + rxopt->srcrt)); 893 } 894 895 if (dst == NULL) { 896 struct in6_addr *final_p = NULL, final; 897 struct flowi fl; 898 899 memset(&fl, 0, sizeof(fl)); 900 fl.proto = IPPROTO_TCP; 901 ipv6_addr_copy(&fl.fl6_dst, &treq->rmt_addr); 902 if (opt && opt->srcrt) { 903 struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt; 904 ipv6_addr_copy(&final, &fl.fl6_dst); 905 ipv6_addr_copy(&fl.fl6_dst, rt0->addr); 906 final_p = &final; 907 } 908 ipv6_addr_copy(&fl.fl6_src, &treq->loc_addr); 909 fl.oif = sk->sk_bound_dev_if; 910 fl.fl_ip_dport = inet_rsk(req)->rmt_port; 911 fl.fl_ip_sport = inet_sk(sk)->sport; 912 913 if (ip6_dst_lookup(sk, &dst, &fl)) 914 goto out; 915 916 if (final_p) 917 ipv6_addr_copy(&fl.fl6_dst, final_p); 918 919 if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0) 920 goto out; 921 } 922 923 newsk = tcp_create_openreq_child(sk, req, skb); 924 if (newsk == NULL) 925 goto out; 926 927 /* 928 * No need to charge this sock to the relevant IPv6 refcnt debug socks 929 * count here, tcp_create_openreq_child now does this for us, see the 930 * comment in that function for the gory details. -acme 931 */ 932 933 ip6_dst_store(newsk, dst, NULL); 934 newsk->sk_route_caps = dst->dev->features & 935 ~(NETIF_F_IP_CSUM | NETIF_F_TSO); 936 937 newtcp6sk = (struct tcp6_sock *)newsk; 938 inet_sk(newsk)->pinet6 = &newtcp6sk->inet6; 939 940 newtp = tcp_sk(newsk); 941 newinet = inet_sk(newsk); 942 newnp = inet6_sk(newsk); 943 944 memcpy(newnp, np, sizeof(struct ipv6_pinfo)); 945 946 ipv6_addr_copy(&newnp->daddr, &treq->rmt_addr); 947 ipv6_addr_copy(&newnp->saddr, &treq->loc_addr); 948 ipv6_addr_copy(&newnp->rcv_saddr, &treq->loc_addr); 949 newsk->sk_bound_dev_if = treq->iif; 950 951 /* Now IPv6 options... 952 953 First: no IPv4 options. 954 */ 955 newinet->opt = NULL; 956 957 /* Clone RX bits */ 958 newnp->rxopt.all = np->rxopt.all; 959 960 /* Clone pktoptions received with SYN */ 961 newnp->pktoptions = NULL; 962 if (treq->pktopts != NULL) { 963 newnp->pktoptions = skb_clone(treq->pktopts, GFP_ATOMIC); 964 kfree_skb(treq->pktopts); 965 treq->pktopts = NULL; 966 if (newnp->pktoptions) 967 skb_set_owner_r(newnp->pktoptions, newsk); 968 } 969 newnp->opt = NULL; 970 newnp->mcast_oif = inet6_iif(skb); 971 newnp->mcast_hops = skb->nh.ipv6h->hop_limit; 972 973 /* Clone native IPv6 options from listening socket (if any) 974 975 Yes, keeping reference count would be much more clever, 976 but we make one more one thing there: reattach optmem 977 to newsk. 978 */ 979 if (opt) { 980 newnp->opt = ipv6_dup_options(newsk, opt); 981 if (opt != np->opt) 982 sock_kfree_s(sk, opt, opt->tot_len); 983 } 984 985 inet_csk(newsk)->icsk_ext_hdr_len = 0; 986 if (newnp->opt) 987 inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen + 988 newnp->opt->opt_flen); 989 990 tcp_mtup_init(newsk); 991 tcp_sync_mss(newsk, dst_mtu(dst)); 992 newtp->advmss = dst_metric(dst, RTAX_ADVMSS); 993 tcp_initialize_rcv_mss(newsk); 994 995 newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6; 996 997 __inet6_hash(&tcp_hashinfo, newsk); 998 inet_inherit_port(&tcp_hashinfo, sk, newsk); 999 1000 return newsk; 1001 1002 out_overflow: 1003 NET_INC_STATS_BH(LINUX_MIB_LISTENOVERFLOWS); 1004 out: 1005 NET_INC_STATS_BH(LINUX_MIB_LISTENDROPS); 1006 if (opt && opt != np->opt) 1007 sock_kfree_s(sk, opt, opt->tot_len); 1008 dst_release(dst); 1009 return NULL; 1010 } 1011 1012 static int tcp_v6_checksum_init(struct sk_buff *skb) 1013 { 1014 if (skb->ip_summed == CHECKSUM_HW) { 1015 if (!tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr, 1016 &skb->nh.ipv6h->daddr,skb->csum)) { 1017 skb->ip_summed = CHECKSUM_UNNECESSARY; 1018 return 0; 1019 } 1020 } 1021 1022 skb->csum = ~tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr, 1023 &skb->nh.ipv6h->daddr, 0); 1024 1025 if (skb->len <= 76) { 1026 return __skb_checksum_complete(skb); 1027 } 1028 return 0; 1029 } 1030 1031 /* The socket must have it's spinlock held when we get 1032 * here. 1033 * 1034 * We have a potential double-lock case here, so even when 1035 * doing backlog processing we use the BH locking scheme. 1036 * This is because we cannot sleep with the original spinlock 1037 * held. 1038 */ 1039 static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) 1040 { 1041 struct ipv6_pinfo *np = inet6_sk(sk); 1042 struct tcp_sock *tp; 1043 struct sk_buff *opt_skb = NULL; 1044 1045 /* Imagine: socket is IPv6. IPv4 packet arrives, 1046 goes to IPv4 receive handler and backlogged. 1047 From backlog it always goes here. Kerboom... 1048 Fortunately, tcp_rcv_established and rcv_established 1049 handle them correctly, but it is not case with 1050 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK 1051 */ 1052 1053 if (skb->protocol == htons(ETH_P_IP)) 1054 return tcp_v4_do_rcv(sk, skb); 1055 1056 if (sk_filter(sk, skb, 0)) 1057 goto discard; 1058 1059 /* 1060 * socket locking is here for SMP purposes as backlog rcv 1061 * is currently called with bh processing disabled. 1062 */ 1063 1064 /* Do Stevens' IPV6_PKTOPTIONS. 1065 1066 Yes, guys, it is the only place in our code, where we 1067 may make it not affecting IPv4. 1068 The rest of code is protocol independent, 1069 and I do not like idea to uglify IPv4. 1070 1071 Actually, all the idea behind IPV6_PKTOPTIONS 1072 looks not very well thought. For now we latch 1073 options, received in the last packet, enqueued 1074 by tcp. Feel free to propose better solution. 1075 --ANK (980728) 1076 */ 1077 if (np->rxopt.all) 1078 opt_skb = skb_clone(skb, GFP_ATOMIC); 1079 1080 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */ 1081 TCP_CHECK_TIMER(sk); 1082 if (tcp_rcv_established(sk, skb, skb->h.th, skb->len)) 1083 goto reset; 1084 TCP_CHECK_TIMER(sk); 1085 if (opt_skb) 1086 goto ipv6_pktoptions; 1087 return 0; 1088 } 1089 1090 if (skb->len < (skb->h.th->doff<<2) || tcp_checksum_complete(skb)) 1091 goto csum_err; 1092 1093 if (sk->sk_state == TCP_LISTEN) { 1094 struct sock *nsk = tcp_v6_hnd_req(sk, skb); 1095 if (!nsk) 1096 goto discard; 1097 1098 /* 1099 * Queue it on the new socket if the new socket is active, 1100 * otherwise we just shortcircuit this and continue with 1101 * the new socket.. 1102 */ 1103 if(nsk != sk) { 1104 if (tcp_child_process(sk, nsk, skb)) 1105 goto reset; 1106 if (opt_skb) 1107 __kfree_skb(opt_skb); 1108 return 0; 1109 } 1110 } 1111 1112 TCP_CHECK_TIMER(sk); 1113 if (tcp_rcv_state_process(sk, skb, skb->h.th, skb->len)) 1114 goto reset; 1115 TCP_CHECK_TIMER(sk); 1116 if (opt_skb) 1117 goto ipv6_pktoptions; 1118 return 0; 1119 1120 reset: 1121 tcp_v6_send_reset(skb); 1122 discard: 1123 if (opt_skb) 1124 __kfree_skb(opt_skb); 1125 kfree_skb(skb); 1126 return 0; 1127 csum_err: 1128 TCP_INC_STATS_BH(TCP_MIB_INERRS); 1129 goto discard; 1130 1131 1132 ipv6_pktoptions: 1133 /* Do you ask, what is it? 1134 1135 1. skb was enqueued by tcp. 1136 2. skb is added to tail of read queue, rather than out of order. 1137 3. socket is not in passive state. 1138 4. Finally, it really contains options, which user wants to receive. 1139 */ 1140 tp = tcp_sk(sk); 1141 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt && 1142 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) { 1143 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo) 1144 np->mcast_oif = inet6_iif(opt_skb); 1145 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) 1146 np->mcast_hops = opt_skb->nh.ipv6h->hop_limit; 1147 if (ipv6_opt_accepted(sk, opt_skb)) { 1148 skb_set_owner_r(opt_skb, sk); 1149 opt_skb = xchg(&np->pktoptions, opt_skb); 1150 } else { 1151 __kfree_skb(opt_skb); 1152 opt_skb = xchg(&np->pktoptions, NULL); 1153 } 1154 } 1155 1156 if (opt_skb) 1157 kfree_skb(opt_skb); 1158 return 0; 1159 } 1160 1161 static int tcp_v6_rcv(struct sk_buff **pskb) 1162 { 1163 struct sk_buff *skb = *pskb; 1164 struct tcphdr *th; 1165 struct sock *sk; 1166 int ret; 1167 1168 if (skb->pkt_type != PACKET_HOST) 1169 goto discard_it; 1170 1171 /* 1172 * Count it even if it's bad. 1173 */ 1174 TCP_INC_STATS_BH(TCP_MIB_INSEGS); 1175 1176 if (!pskb_may_pull(skb, sizeof(struct tcphdr))) 1177 goto discard_it; 1178 1179 th = skb->h.th; 1180 1181 if (th->doff < sizeof(struct tcphdr)/4) 1182 goto bad_packet; 1183 if (!pskb_may_pull(skb, th->doff*4)) 1184 goto discard_it; 1185 1186 if ((skb->ip_summed != CHECKSUM_UNNECESSARY && 1187 tcp_v6_checksum_init(skb))) 1188 goto bad_packet; 1189 1190 th = skb->h.th; 1191 TCP_SKB_CB(skb)->seq = ntohl(th->seq); 1192 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin + 1193 skb->len - th->doff*4); 1194 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq); 1195 TCP_SKB_CB(skb)->when = 0; 1196 TCP_SKB_CB(skb)->flags = ipv6_get_dsfield(skb->nh.ipv6h); 1197 TCP_SKB_CB(skb)->sacked = 0; 1198 1199 sk = __inet6_lookup(&tcp_hashinfo, &skb->nh.ipv6h->saddr, th->source, 1200 &skb->nh.ipv6h->daddr, ntohs(th->dest), 1201 inet6_iif(skb)); 1202 1203 if (!sk) 1204 goto no_tcp_socket; 1205 1206 process: 1207 if (sk->sk_state == TCP_TIME_WAIT) 1208 goto do_time_wait; 1209 1210 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb)) 1211 goto discard_and_relse; 1212 1213 if (sk_filter(sk, skb, 0)) 1214 goto discard_and_relse; 1215 1216 skb->dev = NULL; 1217 1218 bh_lock_sock(sk); 1219 ret = 0; 1220 if (!sock_owned_by_user(sk)) { 1221 #ifdef CONFIG_NET_DMA 1222 struct tcp_sock *tp = tcp_sk(sk); 1223 if (tp->ucopy.dma_chan) 1224 ret = tcp_v6_do_rcv(sk, skb); 1225 else 1226 #endif 1227 { 1228 if (!tcp_prequeue(sk, skb)) 1229 ret = tcp_v6_do_rcv(sk, skb); 1230 } 1231 } else 1232 sk_add_backlog(sk, skb); 1233 bh_unlock_sock(sk); 1234 1235 sock_put(sk); 1236 return ret ? -1 : 0; 1237 1238 no_tcp_socket: 1239 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) 1240 goto discard_it; 1241 1242 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) { 1243 bad_packet: 1244 TCP_INC_STATS_BH(TCP_MIB_INERRS); 1245 } else { 1246 tcp_v6_send_reset(skb); 1247 } 1248 1249 discard_it: 1250 1251 /* 1252 * Discard frame 1253 */ 1254 1255 kfree_skb(skb); 1256 return 0; 1257 1258 discard_and_relse: 1259 sock_put(sk); 1260 goto discard_it; 1261 1262 do_time_wait: 1263 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) { 1264 inet_twsk_put((struct inet_timewait_sock *)sk); 1265 goto discard_it; 1266 } 1267 1268 if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) { 1269 TCP_INC_STATS_BH(TCP_MIB_INERRS); 1270 inet_twsk_put((struct inet_timewait_sock *)sk); 1271 goto discard_it; 1272 } 1273 1274 switch (tcp_timewait_state_process((struct inet_timewait_sock *)sk, 1275 skb, th)) { 1276 case TCP_TW_SYN: 1277 { 1278 struct sock *sk2; 1279 1280 sk2 = inet6_lookup_listener(&tcp_hashinfo, 1281 &skb->nh.ipv6h->daddr, 1282 ntohs(th->dest), inet6_iif(skb)); 1283 if (sk2 != NULL) { 1284 struct inet_timewait_sock *tw = inet_twsk(sk); 1285 inet_twsk_deschedule(tw, &tcp_death_row); 1286 inet_twsk_put(tw); 1287 sk = sk2; 1288 goto process; 1289 } 1290 /* Fall through to ACK */ 1291 } 1292 case TCP_TW_ACK: 1293 tcp_v6_timewait_ack(sk, skb); 1294 break; 1295 case TCP_TW_RST: 1296 goto no_tcp_socket; 1297 case TCP_TW_SUCCESS:; 1298 } 1299 goto discard_it; 1300 } 1301 1302 static int tcp_v6_remember_stamp(struct sock *sk) 1303 { 1304 /* Alas, not yet... */ 1305 return 0; 1306 } 1307 1308 static struct inet_connection_sock_af_ops ipv6_specific = { 1309 .queue_xmit = inet6_csk_xmit, 1310 .send_check = tcp_v6_send_check, 1311 .rebuild_header = inet6_sk_rebuild_header, 1312 .conn_request = tcp_v6_conn_request, 1313 .syn_recv_sock = tcp_v6_syn_recv_sock, 1314 .remember_stamp = tcp_v6_remember_stamp, 1315 .net_header_len = sizeof(struct ipv6hdr), 1316 .setsockopt = ipv6_setsockopt, 1317 .getsockopt = ipv6_getsockopt, 1318 .addr2sockaddr = inet6_csk_addr2sockaddr, 1319 .sockaddr_len = sizeof(struct sockaddr_in6), 1320 #ifdef CONFIG_COMPAT 1321 .compat_setsockopt = compat_ipv6_setsockopt, 1322 .compat_getsockopt = compat_ipv6_getsockopt, 1323 #endif 1324 }; 1325 1326 /* 1327 * TCP over IPv4 via INET6 API 1328 */ 1329 1330 static struct inet_connection_sock_af_ops ipv6_mapped = { 1331 .queue_xmit = ip_queue_xmit, 1332 .send_check = tcp_v4_send_check, 1333 .rebuild_header = inet_sk_rebuild_header, 1334 .conn_request = tcp_v6_conn_request, 1335 .syn_recv_sock = tcp_v6_syn_recv_sock, 1336 .remember_stamp = tcp_v4_remember_stamp, 1337 .net_header_len = sizeof(struct iphdr), 1338 .setsockopt = ipv6_setsockopt, 1339 .getsockopt = ipv6_getsockopt, 1340 .addr2sockaddr = inet6_csk_addr2sockaddr, 1341 .sockaddr_len = sizeof(struct sockaddr_in6), 1342 #ifdef CONFIG_COMPAT 1343 .compat_setsockopt = compat_ipv6_setsockopt, 1344 .compat_getsockopt = compat_ipv6_getsockopt, 1345 #endif 1346 }; 1347 1348 /* NOTE: A lot of things set to zero explicitly by call to 1349 * sk_alloc() so need not be done here. 1350 */ 1351 static int tcp_v6_init_sock(struct sock *sk) 1352 { 1353 struct inet_connection_sock *icsk = inet_csk(sk); 1354 struct tcp_sock *tp = tcp_sk(sk); 1355 1356 skb_queue_head_init(&tp->out_of_order_queue); 1357 tcp_init_xmit_timers(sk); 1358 tcp_prequeue_init(tp); 1359 1360 icsk->icsk_rto = TCP_TIMEOUT_INIT; 1361 tp->mdev = TCP_TIMEOUT_INIT; 1362 1363 /* So many TCP implementations out there (incorrectly) count the 1364 * initial SYN frame in their delayed-ACK and congestion control 1365 * algorithms that we must have the following bandaid to talk 1366 * efficiently to them. -DaveM 1367 */ 1368 tp->snd_cwnd = 2; 1369 1370 /* See draft-stevens-tcpca-spec-01 for discussion of the 1371 * initialization of these values. 1372 */ 1373 tp->snd_ssthresh = 0x7fffffff; 1374 tp->snd_cwnd_clamp = ~0; 1375 tp->mss_cache = 536; 1376 1377 tp->reordering = sysctl_tcp_reordering; 1378 1379 sk->sk_state = TCP_CLOSE; 1380 1381 icsk->icsk_af_ops = &ipv6_specific; 1382 icsk->icsk_ca_ops = &tcp_init_congestion_ops; 1383 icsk->icsk_sync_mss = tcp_sync_mss; 1384 sk->sk_write_space = sk_stream_write_space; 1385 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE); 1386 1387 sk->sk_sndbuf = sysctl_tcp_wmem[1]; 1388 sk->sk_rcvbuf = sysctl_tcp_rmem[1]; 1389 1390 atomic_inc(&tcp_sockets_allocated); 1391 1392 return 0; 1393 } 1394 1395 static int tcp_v6_destroy_sock(struct sock *sk) 1396 { 1397 tcp_v4_destroy_sock(sk); 1398 return inet6_destroy_sock(sk); 1399 } 1400 1401 /* Proc filesystem TCPv6 sock list dumping. */ 1402 static void get_openreq6(struct seq_file *seq, 1403 struct sock *sk, struct request_sock *req, int i, int uid) 1404 { 1405 int ttd = req->expires - jiffies; 1406 struct in6_addr *src = &inet6_rsk(req)->loc_addr; 1407 struct in6_addr *dest = &inet6_rsk(req)->rmt_addr; 1408 1409 if (ttd < 0) 1410 ttd = 0; 1411 1412 seq_printf(seq, 1413 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1414 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n", 1415 i, 1416 src->s6_addr32[0], src->s6_addr32[1], 1417 src->s6_addr32[2], src->s6_addr32[3], 1418 ntohs(inet_sk(sk)->sport), 1419 dest->s6_addr32[0], dest->s6_addr32[1], 1420 dest->s6_addr32[2], dest->s6_addr32[3], 1421 ntohs(inet_rsk(req)->rmt_port), 1422 TCP_SYN_RECV, 1423 0,0, /* could print option size, but that is af dependent. */ 1424 1, /* timers active (only the expire timer) */ 1425 jiffies_to_clock_t(ttd), 1426 req->retrans, 1427 uid, 1428 0, /* non standard timer */ 1429 0, /* open_requests have no inode */ 1430 0, req); 1431 } 1432 1433 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i) 1434 { 1435 struct in6_addr *dest, *src; 1436 __u16 destp, srcp; 1437 int timer_active; 1438 unsigned long timer_expires; 1439 struct inet_sock *inet = inet_sk(sp); 1440 struct tcp_sock *tp = tcp_sk(sp); 1441 const struct inet_connection_sock *icsk = inet_csk(sp); 1442 struct ipv6_pinfo *np = inet6_sk(sp); 1443 1444 dest = &np->daddr; 1445 src = &np->rcv_saddr; 1446 destp = ntohs(inet->dport); 1447 srcp = ntohs(inet->sport); 1448 1449 if (icsk->icsk_pending == ICSK_TIME_RETRANS) { 1450 timer_active = 1; 1451 timer_expires = icsk->icsk_timeout; 1452 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) { 1453 timer_active = 4; 1454 timer_expires = icsk->icsk_timeout; 1455 } else if (timer_pending(&sp->sk_timer)) { 1456 timer_active = 2; 1457 timer_expires = sp->sk_timer.expires; 1458 } else { 1459 timer_active = 0; 1460 timer_expires = jiffies; 1461 } 1462 1463 seq_printf(seq, 1464 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1465 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %u %u %u %u %d\n", 1466 i, 1467 src->s6_addr32[0], src->s6_addr32[1], 1468 src->s6_addr32[2], src->s6_addr32[3], srcp, 1469 dest->s6_addr32[0], dest->s6_addr32[1], 1470 dest->s6_addr32[2], dest->s6_addr32[3], destp, 1471 sp->sk_state, 1472 tp->write_seq-tp->snd_una, tp->rcv_nxt-tp->copied_seq, 1473 timer_active, 1474 jiffies_to_clock_t(timer_expires - jiffies), 1475 icsk->icsk_retransmits, 1476 sock_i_uid(sp), 1477 icsk->icsk_probes_out, 1478 sock_i_ino(sp), 1479 atomic_read(&sp->sk_refcnt), sp, 1480 icsk->icsk_rto, 1481 icsk->icsk_ack.ato, 1482 (icsk->icsk_ack.quick << 1 ) | icsk->icsk_ack.pingpong, 1483 tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh 1484 ); 1485 } 1486 1487 static void get_timewait6_sock(struct seq_file *seq, 1488 struct inet_timewait_sock *tw, int i) 1489 { 1490 struct in6_addr *dest, *src; 1491 __u16 destp, srcp; 1492 struct inet6_timewait_sock *tw6 = inet6_twsk((struct sock *)tw); 1493 int ttd = tw->tw_ttd - jiffies; 1494 1495 if (ttd < 0) 1496 ttd = 0; 1497 1498 dest = &tw6->tw_v6_daddr; 1499 src = &tw6->tw_v6_rcv_saddr; 1500 destp = ntohs(tw->tw_dport); 1501 srcp = ntohs(tw->tw_sport); 1502 1503 seq_printf(seq, 1504 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X " 1505 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p\n", 1506 i, 1507 src->s6_addr32[0], src->s6_addr32[1], 1508 src->s6_addr32[2], src->s6_addr32[3], srcp, 1509 dest->s6_addr32[0], dest->s6_addr32[1], 1510 dest->s6_addr32[2], dest->s6_addr32[3], destp, 1511 tw->tw_substate, 0, 0, 1512 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0, 1513 atomic_read(&tw->tw_refcnt), tw); 1514 } 1515 1516 #ifdef CONFIG_PROC_FS 1517 static int tcp6_seq_show(struct seq_file *seq, void *v) 1518 { 1519 struct tcp_iter_state *st; 1520 1521 if (v == SEQ_START_TOKEN) { 1522 seq_puts(seq, 1523 " sl " 1524 "local_address " 1525 "remote_address " 1526 "st tx_queue rx_queue tr tm->when retrnsmt" 1527 " uid timeout inode\n"); 1528 goto out; 1529 } 1530 st = seq->private; 1531 1532 switch (st->state) { 1533 case TCP_SEQ_STATE_LISTENING: 1534 case TCP_SEQ_STATE_ESTABLISHED: 1535 get_tcp6_sock(seq, v, st->num); 1536 break; 1537 case TCP_SEQ_STATE_OPENREQ: 1538 get_openreq6(seq, st->syn_wait_sk, v, st->num, st->uid); 1539 break; 1540 case TCP_SEQ_STATE_TIME_WAIT: 1541 get_timewait6_sock(seq, v, st->num); 1542 break; 1543 } 1544 out: 1545 return 0; 1546 } 1547 1548 static struct file_operations tcp6_seq_fops; 1549 static struct tcp_seq_afinfo tcp6_seq_afinfo = { 1550 .owner = THIS_MODULE, 1551 .name = "tcp6", 1552 .family = AF_INET6, 1553 .seq_show = tcp6_seq_show, 1554 .seq_fops = &tcp6_seq_fops, 1555 }; 1556 1557 int __init tcp6_proc_init(void) 1558 { 1559 return tcp_proc_register(&tcp6_seq_afinfo); 1560 } 1561 1562 void tcp6_proc_exit(void) 1563 { 1564 tcp_proc_unregister(&tcp6_seq_afinfo); 1565 } 1566 #endif 1567 1568 struct proto tcpv6_prot = { 1569 .name = "TCPv6", 1570 .owner = THIS_MODULE, 1571 .close = tcp_close, 1572 .connect = tcp_v6_connect, 1573 .disconnect = tcp_disconnect, 1574 .accept = inet_csk_accept, 1575 .ioctl = tcp_ioctl, 1576 .init = tcp_v6_init_sock, 1577 .destroy = tcp_v6_destroy_sock, 1578 .shutdown = tcp_shutdown, 1579 .setsockopt = tcp_setsockopt, 1580 .getsockopt = tcp_getsockopt, 1581 .sendmsg = tcp_sendmsg, 1582 .recvmsg = tcp_recvmsg, 1583 .backlog_rcv = tcp_v6_do_rcv, 1584 .hash = tcp_v6_hash, 1585 .unhash = tcp_unhash, 1586 .get_port = tcp_v6_get_port, 1587 .enter_memory_pressure = tcp_enter_memory_pressure, 1588 .sockets_allocated = &tcp_sockets_allocated, 1589 .memory_allocated = &tcp_memory_allocated, 1590 .memory_pressure = &tcp_memory_pressure, 1591 .orphan_count = &tcp_orphan_count, 1592 .sysctl_mem = sysctl_tcp_mem, 1593 .sysctl_wmem = sysctl_tcp_wmem, 1594 .sysctl_rmem = sysctl_tcp_rmem, 1595 .max_header = MAX_TCP_HEADER, 1596 .obj_size = sizeof(struct tcp6_sock), 1597 .twsk_prot = &tcp6_timewait_sock_ops, 1598 .rsk_prot = &tcp6_request_sock_ops, 1599 #ifdef CONFIG_COMPAT 1600 .compat_setsockopt = compat_tcp_setsockopt, 1601 .compat_getsockopt = compat_tcp_getsockopt, 1602 #endif 1603 }; 1604 1605 static struct inet6_protocol tcpv6_protocol = { 1606 .handler = tcp_v6_rcv, 1607 .err_handler = tcp_v6_err, 1608 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, 1609 }; 1610 1611 static struct inet_protosw tcpv6_protosw = { 1612 .type = SOCK_STREAM, 1613 .protocol = IPPROTO_TCP, 1614 .prot = &tcpv6_prot, 1615 .ops = &inet6_stream_ops, 1616 .capability = -1, 1617 .no_check = 0, 1618 .flags = INET_PROTOSW_PERMANENT | 1619 INET_PROTOSW_ICSK, 1620 }; 1621 1622 void __init tcpv6_init(void) 1623 { 1624 /* register inet6 protocol */ 1625 if (inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP) < 0) 1626 printk(KERN_ERR "tcpv6_init: Could not register protocol\n"); 1627 inet6_register_protosw(&tcpv6_protosw); 1628 1629 if (inet_csk_ctl_sock_create(&tcp6_socket, PF_INET6, SOCK_RAW, 1630 IPPROTO_TCP) < 0) 1631 panic("Failed to create the TCPv6 control socket.\n"); 1632 } 1633